ReportizFlow
Filtered by vendor
Subscriptions
Total
437 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-0950 | 3 Debian, Libreoffice, Redhat | 3 Debian Linux, Libreoffice, Enterprise Linux | 2024-11-21 | 7.8 High |
| Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an attacker to craft a spreadsheet document that will cause an array index underflow when loaded. In the affected versions of LibreOffice certain malformed spreadsheet formulas, such as AGGREGATE, could be created with less parameters passed to the formula interpreter than it expected, leading to an array index underflow, in which case there is a risk that arbitrary code could be executed. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.6; 7.5 versions prior to 7.5.1. | ||||
| CVE-2023-0755 | 3 Ge, Ptc, Rockwellautomation | 9 Digital Industrial Gateway Server, Kepware Server, Kepware Serverex and 6 more | 2024-11-21 | 9.8 Critical |
| The affected products are vulnerable to an improper validation of array index, which could allow an attacker to crash the server and remotely execute arbitrary code. | ||||
| CVE-2022-47348 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | 5.5 Medium |
| In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services. | ||||
| CVE-2022-47347 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | 5.5 Medium |
| In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services. | ||||
| CVE-2022-47346 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | 5.5 Medium |
| In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services. | ||||
| CVE-2022-47345 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | 5.5 Medium |
| In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services. | ||||
| CVE-2022-47344 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | 5.5 Medium |
| In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services. | ||||
| CVE-2022-47343 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | 5.5 Medium |
| In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services. | ||||
| CVE-2022-47342 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | 5.5 Medium |
| In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services. | ||||
| CVE-2022-46152 | 1 Op-tee | 1 Op-tee Os | 2024-11-21 | 8.2 High |
| OP-TEE Trusted OS is the secure side implementation of OP-TEE project, a Trusted Execution Environment. Versions prior to 3.19.0, contain an Improper Validation of Array Index vulnerability. The function `cleanup_shm_refs()` is called by both `entry_invoke_command()` and `entry_open_session()`. The commands `OPTEE_MSG_CMD_OPEN_SESSION` and `OPTEE_MSG_CMD_INVOKE_COMMAND` can be executed from the normal world via an OP-TEE SMC. This function is not validating the `num_params` argument, which is only limited to `OPTEE_MSG_MAX_NUM_PARAMS` (127) in the function `get_cmd_buffer()`. Therefore, an attacker in the normal world can craft an SMC call that will cause out-of-bounds reading in `cleanup_shm_refs` and potentially freeing of fake-objects in the function `mobj_put()`. A normal-world attacker with permission to execute SMC instructions may exploit this flaw. Maintainers believe this problem permits local privilege escalation from the normal world to the secure world. Version 3.19.0 contains a fix for this issue. There are no known workarounds. | ||||
| CVE-2022-42255 | 5 Citrix, Linux, Nvidia and 2 more | 6 Hypervisor, Linux Kernel, Cloud Gaming and 3 more | 2024-11-21 | 5.3 Medium |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an out-of-bounds array access may lead to denial of service, information disclosure, or data tampering. | ||||
| CVE-2022-42254 | 5 Citrix, Linux, Nvidia and 2 more | 12 Hypervisor, Linux Kernel, Cloud Gaming and 9 more | 2024-11-21 | 5.3 Medium |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an out-of-bounds array access may lead to denial of service, data tampering, or information disclosure. | ||||
| CVE-2022-42011 | 3 Fedoraproject, Freedesktop, Redhat | 4 Fedora, Dbus, Enterprise Linux and 1 more | 2024-11-21 | 6.5 Medium |
| An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type. | ||||
| CVE-2022-40539 | 1 Qualcomm | 50 Qam8295p, Qam8295p Firmware, Qca6574au and 47 more | 2024-11-21 | 8.4 High |
| Memory corruption in Automotive Android OS due to improper validation of array index. | ||||
| CVE-2022-40537 | 1 Qualcomm | 324 Apq8009, Apq8009 Firmware, Apq8009w and 321 more | 2024-11-21 | 7.3 High |
| Memory corruption in Bluetooth HOST while processing the AVRC_PDU_GET_PLAYER_APP_VALUE_TEXT AVRCP response. | ||||
| CVE-2022-40534 | 1 Qualcomm | 26 Snapdragon W5\+ Gen 1 Wearable Platform, Snapdragon W5\+ Gen 1 Wearable Platform Firmware, Sw5100 and 23 more | 2024-11-21 | 8.4 High |
| Memory corruption due to improper validation of array index in Audio. | ||||
| CVE-2022-38072 | 2 Admesh Project, Slic3r | 2 Admesh, Libslic3r | 2024-11-21 | 6.5 Medium |
| An improper array index validation vulnerability exists in the stl_fix_normal_directions functionality of ADMesh Master Commit 767a105 and v0.98.4. A specially-crafted stl file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2022-35737 | 4 Netapp, Redhat, Splunk and 1 more | 5 Ontap Select Deploy Administration Utility, Enterprise Linux, Rhel Eus and 2 more | 2024-11-21 | 7.5 High |
| SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API. | ||||
| CVE-2022-33302 | 1 Qualcomm | 450 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8905 and 447 more | 2024-11-21 | 6.8 Medium |
| Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length. | ||||
| CVE-2022-33289 | 1 Qualcomm | 452 315 5g Iot Modem, 315 5g Iot Modem Firmware, 7wcn785x-1 and 449 more | 2024-11-21 | 6.8 Medium |
| Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card. | ||||